[El-errata] ELSA-2025-17129 Important: Oracle Linux 8 idm:DL1 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Oct 2 14:57:30 UTC 2025
Oracle Linux Security Advisory ELSA-2025-17129
http://linux.oracle.com/errata/ELSA-2025-17129.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.x86_64.rpm
custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
ipa-client-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-client-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-client-epn-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-client-samba-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-core-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-python-compat-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-selinux-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
ipa-server-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-dns-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-trust-ad-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.x86_64.rpm
opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.x86_64.rpm
python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-ipaclient-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipalib-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipaserver-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipatests-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.noarch.rpm
python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-qrcode-core-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.x86_64.rpm
softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm
softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.x86_64.rpm
aarch64:
bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.aarch64.rpm
custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
ipa-client-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-client-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-client-epn-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-client-samba-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-healthcheck-core-0.12-6.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-python-compat-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-selinux-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
ipa-server-common-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-dns-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
ipa-server-trust-ad-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.aarch64.rpm
opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.aarch64.rpm
python3-custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-ipaclient-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipalib-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipaserver-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-ipatests-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.noarch.rpm
python3-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.noarch.rpm
python3-pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
python3-qrcode-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-qrcode-core-5.3-1.module+el8.10.0+90676+16d53ab4.noarch.rpm
python3-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.noarch.rpm
slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.aarch64.rpm
softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm
softhsm-devel-2.6.0-5.module+el8.9.0+90094+20819f5a.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/bind-dyndb-ldap-11.6-6.module+el8.10.0+90553+1bd85afa.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/custodia-0.6.0-3.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/ipa-4.9.13-20.0.1.module+el8.10.0+90676+16d53ab4.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/ipa-healthcheck-0.12-6.module+el8.10.0+90676+16d53ab4.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/opendnssec-2.1.7-2.module+el8.10.0+90553+1bd85afa.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-jwcrypto-0.5.0-2.module+el8.10.0+90573+7d6bd8da.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-kdcproxy-0.4-5.module+el8.10.0+90553+1bd85afa.1.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-qrcode-5.3-1.module+el8.10.0+90676+16d53ab4.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-yubico-1.3.2-9.1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/pyusb-1.0.0-9.1.module+el8.9.0+90094+20819f5a.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/slapi-nis-0.60.0-4.module+el8.10.0+90297+bfe93ccc.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/softhsm-2.6.0-5.module+el8.9.0+90094+20819f5a.src.rpm
Related CVEs:
CVE-2025-7493
Description of changes:
bind-dyndb-ldap
[11.6-6]
- Fix rpminspect warnings
Resolves: RHEL-22497
custodia
ipa
[4.9.13-20.0.1]
- Set IPAPLATFORM=rhel when build on Oracle Linux [Orabug: 29516674]
[4.9.13-20]
- Refactor ipatests for unique krbcanonicalname
Resolves: RHEL-110061
[4.9.13-19]
- Enforce uniqueness across krbprincipalname and krbcanonicalname
ipa-kdb: enforce PAC presence on TGT for TGS-REQ
ipatests: extend test for unique krbcanonicalname
Resolves: RHEL-110061
ipa-healthcheck
opendnssec
[2.1.7-2]
- Don't creat /var/run/opendnssec directory
- Resolves: RHEL-12163
python-jwcrypto
python-kdcproxy
[0.4-5.1]
- Log KDC timeout only once per request
Resolves: RHEL-68634
python-qrcode
python-yubico
pyusb
slapi-nis
softhsm
More information about the El-errata
mailing list